On Sat, Nov 25, 2017 at 10:41:13PM +0500, Tariq Saraj wrote:
> Please provide your valuable feedback on the newly uploaded draft.
> draft-tariq-dnsop-iviptr-00
> <https://datatracker.ietf.org/doc/draft-tariq-dnsop-iviptr/>
> *IVIPTR: Resource Record for DNS*
Hello Tariq,
I have read through this draft and it left me pretty confused, both in terms
of the motivation and the practicalities.
If understand it correctly, the idea is to find the 'corresponding' IPv4
address to an IPv6 address? And that this could then be applied to
transposing access control list rules from one protocol to the other?
In other words, I could have something like 'allow from 192.0.2.1', and
through an IVIPTR lookup, this could be mirrored to 'allow from
2001::db8::2:1'? Can you confirm that this is the intended goal?
In terms of practicalities, I implement both resolving and authoritative
nameservers, and your section 3 and 4 leave me confused if I have to do
anything or not, except support the record format. The wording is very hard
to follow and could do with a lot more whitespace and perhaps enumerated
steps.
If it turns out that resolvers or authoritative servers need to do something
special, your draft should definitely talk about how to cope with servers
that do not perform such special processing.
Good luck!
Bert
>
>
> --
> Regards
> Tariq Saraj
> Riphah Institute of Systems Engineering, Islamabad
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
